mmetc
2d81e751a1
fix parser test 2k23 ( #1971 )
2023-01-04 15:46:16 +01:00
Laurence Jones
fd1c38811e
Add parse unix to dateparse enricher ( #1958 )
...
Add parse unix is we do have a strTime but wasnt parsed using convential golang time
2022-12-30 12:47:14 +00:00
mmetc
72c1753fb7
fix tls communication with lapi and user/pw auth ( #1956 )
...
allow self-signed TLS encryption with user/pw auth
docker:
- remove defaults for certificate file locations
- new envvar INSECURE_SKIP_VERIFY
- register agent before TLS settings (cscli machine add removes them
from the credentials file)
2022-12-29 22:00:11 +01:00
Laurence Jones
401739b036
Add unix expr helper ( #1952 )
...
* Add unix expr helper
* Add original value not parsed error
* return early if cannot parse
* Add tests
* Fix negative value
2022-12-29 14:53:06 +00:00
Thibault "bui" Koechlin
e4463c412b
Improve warnings around lack of evt.StrTime
field ( #1954 )
...
* fix #1951 : improve error messages
* make hubtest warn you if you're missing evt.StrTime in your logs
2022-12-29 15:03:32 +01:00
mmetc
6efc2688b1
simplify feature flags ( #1947 )
...
Now checking for a feature flag is a one liner,
with no need to control errors.
if fflag.Crowdsec.CscliSetup.IsEnabled() {
...
}
2022-12-26 14:23:41 +01:00
mmetc
5d2c99bb17
runtime feature flag initialization
2022-12-21 17:19:20 +01:00
mmetc
ff88faf402
updated localstack dependencies, added build cache
2022-12-21 12:20:01 +01:00
mmetc
a32aa96752
feature flags ( #1933 )
...
Package fflag provides a simple feature flag system.
Feature names are lowercase and can only contain letters, numbers, undercores
and dots.
good: "foo", "foo_bar", "foo.bar"
bad: "Foo", "foo-bar"
A feature flag can be enabled by the user with an environment variable
or by adding it to {ConfigDir}/feature.yaml
I.e. CROWDSEC_FEATURE_FOO_BAR=true
or in feature.yaml:
```
---
- foo_bar
```
If the variable is set to false, the feature can still be enabled
in feature.yaml. Features cannot be disabled in the file.
A feature flag can be deprecated or retired. A deprecated feature flag is
still accepted but a warning is logged. A retired feature flag is ignored
and an error is logged.
A specific deprecation message is used to inform the user of the behavior
that has been decided when the flag is/was finally retired.
2022-12-20 16:11:51 +01:00
he2ss
579cecde04
apiclient: fix http roundtrip (clone body also) ( #1758 )
...
* apiclient: fix http roundtrip (clone body also)
2022-12-14 16:42:46 +01:00
Laurence Jones
fe23da6e0c
Add postgres socket support, clean some code ( #1926 )
2022-12-12 16:08:19 +00:00
Laurence Jones
11965f08db
Add socket support to mysql ( #1911 )
2022-12-08 09:33:08 +00:00
mmetc
cc228f1868
Typos, grammar ( #1905 )
2022-12-06 15:55:27 +01:00
blotus
fdda940ac0
Add Kubernetes audit acquisition ( #1767 )
2022-12-06 13:47:29 +01:00
mmetc
fd3e668fe1
add -error flag to crowdsec binary ( #1903 )
2022-12-03 08:56:11 +01:00
mmetc
fa0e590778
removed pid_dir ( #1906 )
2022-12-02 13:42:43 +01:00
mmetc
4a6a9c4355
acquisition: validate datasources before configuration (static checks) ( #1841 )
...
* acquisition: validate datasources before configuration (allow static configuration checks)
* remove comment
* import reviser, format
* error wrap
2022-11-30 17:36:56 +01:00
blotus
60f1228030
use a copy of bucket processors in LeakRoutine ( #1902 )
2022-11-30 10:59:47 +01:00
mmetc
104f5d1fe6
lint: error handling cleanup ( #1877 )
2022-11-29 09:16:07 +01:00
mmetc
66543493b5
fix nil dereference: check that httpServer is set before shutting down ( #1893 )
2022-11-28 11:55:08 +01:00
mmetc
fde9640364
Docker refactoring, tls setup ( #1869 )
2022-11-28 10:35:12 +01:00
blotus
c5079ac15e
invalidate agent token on 403 as well ( #1888 )
2022-11-25 14:35:50 +01:00
mmetc
5bdd3bbfcb
require at least go 1.18 to build ( #1884 )
2022-11-24 11:29:54 +01:00
Laurence Jones
4ac01ed880
Update perms for group read ( #1876 )
2022-11-21 09:49:56 +00:00
mmetc
3beb84bcfe
print missing "AS" values as empty strings instead of "0 " ( #1867 )
2022-11-14 09:55:53 +01:00
Thibault "bui" Koechlin
523343b174
notify when community-blocklist starts pull ( #1845 )
...
* minor change to notify blocklist pull update, will make eventual troubleshooting easier
2022-11-08 10:44:25 +01:00
Thibault "bui" Koechlin
3b4da7e637
fix #1860 : Only repeat the WAL warning once ( #1863 )
...
* fix #1860
2022-11-07 16:36:39 +01:00
mmetc
895691dad1
enabled linters: gocritic, nilerr ( #1853 )
2022-11-07 10:36:50 +01:00
Manuel Sabban
8aca00326d
fix ticker ( #1858 )
...
Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
2022-11-04 13:56:43 +01:00
Laurence Jones
668627f890
Add error checking to lookup host ( #1847 )
2022-10-31 18:38:01 +00:00
mmetc
344b1dc559
fixed package tests w/wal, gitignore/typos ( #1849 )
2022-10-31 10:02:51 +01:00
mmetc
df88f4e1e9
randomize pull, push and metric intervals; reload crowdsec only when hub changed ( #1846 )
2022-10-28 13:55:59 +02:00
mmetc
02d2eab18c
update golangci-lint to 1.50 and fixes ( #1828 )
2022-10-26 15:11:37 +02:00
ThinkChaos
22479a289d
Add LookupHost expr lib func ( #1775 )
2022-10-26 10:17:48 +01:00
mmetc
2088bb1f91
fix for #1839 ( #1840 )
2022-10-26 11:02:12 +02:00
blotus
b7c4bfd4e3
Use explicit transaction when inserting community blocklist ( #1835 )
2022-10-26 10:48:17 +02:00
mmetc
e545933923
fix(cscli): correct and test the behavior of "cscli collections delete" ( #1824 )
2022-10-25 14:10:51 +02:00
blotus
bb2f0e938f
Blocklist: Do not duplicate decisions when pulling ( #1796 )
2022-10-19 15:51:40 +02:00
Thibault "bui" Koechlin
ae6bf39495
support decisions deletion via scenario + alerts delete via ID ( #1798 )
2022-10-19 14:37:27 +02:00
mmetc
6b0097a24b
change warning to debug when directories are missing in hub sync ( #1819 )
2022-10-18 10:32:54 +02:00
mmetc
2b7e3ff1e7
warn if no acquisition files are found, acquisition_test refactoring, tests ( #1816 )
2022-10-17 17:32:08 +02:00
mmetc
ec0d2a5ed2
refactor broker_test.go, extract cstest/filenotfound*.go ( #1815 )
2022-10-17 14:17:23 +02:00
mmetc
a96b3e077d
rename pkg/cstest -> pkg/hubtest ( #1811 )
...
keep cstest for generic helper functions
this also avoids circular imports in test files
2022-10-17 09:24:07 +02:00
mmetc
8fecc2c00b
enable staticcheck linter; fixes ( #1806 )
...
- explicitly ignore returned parameters
- replace Walk with faster WalkDir
- log path error during hub dir sync
- colorize static unit tests
- removed duplicate import in crowdsec/main.go
- typos
- func tests: default datasource in tests/var/log instead of /tmp
- action setup-go v3
2022-10-14 16:12:21 +02:00
Manuel Sabban
7359586f1c
fix ticker mix up ( #1807 )
...
Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
2022-10-13 14:30:27 +02:00
mmetc
4b3c9c2806
print cscli usage in color, fix windows terminal detection ( #1801 )
2022-10-13 12:28:24 +02:00
mmetc
7674f907c4
replace log.Fatal with t.Fatal ( #1805 )
...
This is required to run deferred teardown functions
2022-10-13 10:42:46 +02:00
mmetc
1d9f861f28
unit tests: always capture testcase variable -> allow parallel testing ( #1797 )
2022-10-10 10:48:26 +02:00
Shivam Sandbhor
74659a82ab
Fast bulk alert delete ( #1791 )
2022-10-07 12:40:30 +02:00
mmetc
ddd75eae9a
cscli: new tables, --color yes|no|auto option ( #1763 )
2022-10-07 11:05:35 +02:00